Despite U.S. sanctions imposed in March on the parent company and leadership behind Predator spyware, new evidence shows a resurgence in its usage, with the spyware securing new clients. The latest findings suggest that Predator has adapted and even expanded its operations, a testament to the resilience of the commercial surveillance industry.
According to a report from Recorded Future, newly uncovered infrastructure reveals an increase in Predator spyware activity in recent months, with the infrastructure being used for the spyware’s “staging and exploitation process.” Researchers indicate that the spyware is now being deployed in countries like the Democratic Republic of Congo (DRC) and Angola. While Predator’s use in Angola has been documented before, the DRC is a new addition to its client base. Other clusters of activity were linked to the United Arab Emirates and Madagascar, with a likely inactive cluster associated with Saudi Arabia.
Researchers also identified several servers tied to Predator’s operations in additional countries, but they could not confirm the exact locations. The findings highlight Predator’s persistence, despite a temporary dip in usage following the Biden administration’s sanctions against individuals and entities tied to Intellexa, Predator’s manufacturer.
Julian-Ferdinand Vögele, a Recorded Future researcher, emphasized the difficulty of fully assessing Predator’s rebound due to the possibility of undetected activity. However, it’s clear that Predator operations are regaining momentum, and the spyware’s operators have adapted their tactics to better protect customer anonymity. This includes adding an additional layer to their “multi-tiered delivery system” and enhancing operational security measures, making country-specific attribution more difficult.
One of the key challenges in regulating spyware like Predator is how easily its manufacturers can conceal their operations. Vögele noted that companies involved in spyware production can quickly set up shell companies in jurisdictions that are hard to trace, making it difficult to impose effective regulations.
Although sanctions and increased scrutiny have posed obstacles to Predator operators, they have consistently evolved their methods. “While public reporting and sanctions have likely made it more challenging for Predator operators, the threat has proven to be persistent,” Vögele explained. He also warned that Predator operators will continue to modify their tactics in response to new challenges, as evidenced by their recent changes.
Sponsored • TRJ Ads
Inquiries: contact@therealistjuggernaut.com
